如果有声明,我如何向我的 Lambda 添加更多策略?
How can i add more policies to my Lambda if there is a Statement?
我在属性下添加了这个
Statement:
- Effect: Allow
Action:
- 'ses:SendEmail'
- 'ses:SendRawEmail'
Resource: '*'
它有效,但我也想添加 - AWSLambdaBasicExecutionRole,但如果我将它添加到与语句相同级别的策略下,在
之前或之后,我会收到错误消息
有没有办法两者兼得?
这是一个 IAM 角色的示例,它包含特定的 SES 权限并利用 AWSLambdaBasicExecutionRole 托管策略。
MyLambdaRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
Policies:
- PolicyName: ses-access
PolicyDocument:
Statement:
Effect: Allow
Action:
- ses:SendEmail
- ses:SendRawEmail
Resource: *
我在属性下添加了这个
Statement:
- Effect: Allow
Action:
- 'ses:SendEmail'
- 'ses:SendRawEmail'
Resource: '*'
它有效,但我也想添加 - AWSLambdaBasicExecutionRole,但如果我将它添加到与语句相同级别的策略下,在
之前或之后,我会收到错误消息有没有办法两者兼得?
这是一个 IAM 角色的示例,它包含特定的 SES 权限并利用 AWSLambdaBasicExecutionRole 托管策略。
MyLambdaRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
Policies:
- PolicyName: ses-access
PolicyDocument:
Statement:
Effect: Allow
Action:
- ses:SendEmail
- ses:SendRawEmail
Resource: *